CentOS7修改ssh端口并通过密码登录

 

CentOS7相比CentOS6的防火墙改变特别大,所以记录下

1.修改sshd端口并只限制密钥登录

编辑/etc/ssh/sshd_config

Port 20755
PermitRootLogin no
PubkeyAuthentication yes

PermitEmptyPasswords no
PasswordAuthentication no

#GSSAPIAuthentication yes
#GSSAPICleanupCredentials no

UseDNS no

 

2. 修改防火墙开放端口

cp /usr/lib/firewalld/services/ssh.xml /etc/firewalld/services/
vim /etc/firewalld/services/ssh.xml
<port protocol="tcp" port="20755"/>

vim /etc/firewalld/zones/public.xml
<?xml version="1.0" encoding="utf-8"?>
<zone>
<short>Public</short>
<description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
<service name="dhcpv6-client"/>

<rule family="ipv4">
<source address="172.16.60.0/24"/>
<service name="ssh"/>
<accept/>
</rule>
</zone>

 

3. 登录普通用户

useradd hzkeung

su - hzkeung

mkdir .ssh

chmod 600 .ssh

vi .ssh/authorized_keys #输入密钥的公钥

chmod 600 .ssh/authorized_keys

 

4.切换到root, 并重新加载配置文件
systemctl restart sshd.service; firewall-cmd --reload

暂无评论

发送评论 编辑评论


				
|´・ω・)ノ
ヾ(≧∇≦*)ゝ
(☆ω☆)
(╯‵□′)╯︵┴─┴
 ̄﹃ ̄
(/ω\)
∠( ᐛ 」∠)_
(๑•̀ㅁ•́ฅ)
→_→
୧(๑•̀⌄•́๑)૭
٩(ˊᗜˋ*)و
(ノ°ο°)ノ
(´இ皿இ`)
⌇●﹏●⌇
(ฅ´ω`ฅ)
(╯°A°)╯︵○○○
φ( ̄∇ ̄o)
ヾ(´・ ・`。)ノ"
( ง ᵒ̌皿ᵒ̌)ง⁼³₌₃
(ó﹏ò。)
Σ(っ °Д °;)っ
( ,,´・ω・)ノ"(´っω・`。)
╮(╯▽╰)╭
o(*////▽////*)q
>﹏<
( ๑´•ω•) "(ㆆᴗㆆ)
😂
😀
😅
😊
🙂
🙃
😌
😍
😘
😜
😝
😏
😒
🙄
😳
😡
😔
😫
😱
😭
💩
👻
🙌
🖕
👍
👫
👬
👭
🌚
🌝
🙈
💊
😶
🙏
🍦
🍉
😣
Source: github.com/k4yt3x/flowerhd
颜文字
Emoji
小恐龙
花!
上一篇
下一篇